//package cn.lbf.stuniversity.shiro.configuration;
//
//
//
//import cn.lbf.stuniversity.shiro.entity.User;
//import cn.lbf.stuniversity.shiro.service.UserService;
//import org.apache.shiro.authc.*;
//import org.apache.shiro.authz.AuthorizationInfo;
//import org.apache.shiro.realm.AuthorizingRealm;
//import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
//import org.apache.shiro.subject.PrincipalCollection;
//import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//
//import java.util.HashMap;
//import java.util.Map;
//
//@Configuration
//public class ShiroConfig {
//
//    @Autowired
//    private UserService userService;
//
//    @Bean
//    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager) {
//        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//        shiroFilterFactoryBean.setSecurityManager(securityManager);
//
//        // 自定义过滤器配置
//        Map<String, String> filterChainDefinitionMap = new HashMap<>();
//        filterChainDefinitionMap.put("/login", "anon"); // 匿名访问
//        filterChainDefinitionMap.put("/logout", "logout"); // 退出登录
//        filterChainDefinitionMap.put("/**", "authc"); // 其他所有 URL 需要认证
//
//        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
//        shiroFilterFactoryBean.setLoginUrl("/login");
//        shiroFilterFactoryBean.setSuccessUrl("/home");
//        shiroFilterFactoryBean.setUnauthorizedUrl("/403");
//
//        return shiroFilterFactoryBean;
//    }
//
//    @Bean
//    public DefaultWebSecurityManager securityManager() {
//        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//        securityManager.setRealm(userRealm());
//        return securityManager;
//    }
//
//    @Bean
//    public UserRealm userRealm() {
//        return new UserRealm();
//    }
//
//    public class UserRealm extends AuthorizingRealm {
//
//        @Override
//        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//            // 这里可以添加角色和权限的授权逻辑
//            return null;
//        }
//
//        @Override
//        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//            String username = (String) token.getPrincipal();
////            User user = userService.login(username,null);
//            User user = null;
//            if (user == null) {
//                throw new UnknownAccountException("用户不存在");
//            }
//            if (!user.getPassword().equals(new String((char[]) token.getCredentials()))) {
//                throw new IncorrectCredentialsException("密码错误");
//            }
//            return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), getName());
//        }
//    }
//}
